This talk aims to shine a light on IPv6 security issues and will attempt to take it from fringe circles of theoretical security researchers to the world of practical secure implementations. In the wake of ubiquitous mobile computing, internet of things and online entertainment, followed by IPv4 address space exhaustion, there is demand for a production ready IPv6 protocol. Not only does IPv6 offer virtually inexhaustible address space, but it was meant to address several problems seen previously in IPv4 protocol and a few additional ones to address the newly introduced complexity. To offset this complexity, auto configuration mechanisms were introduced to deal with interface address auto configuration, router and DNS server selection, neighbour unreachability detection, prefix discovery, link layer address detection and others. IPv6 is oftentimes enabled by default on modern operating systems and embedded devices. Vendors also tend to deploy an inconsistent implementation of the protocol whose level of compliance lags behind the most recent version standards. This, alongside auto configuration features and protocol complexity results in misconfigurations and security gaps going unnoticed by network administrators and security professionals. This talk will critically look at IPv6 auto configuration features from a point of view of a security practitioner and will look at the following: The old and the new (IPv4 vs IPv6) – an overview Up to date threat analysis of IPv6 auto configuration features Real world IPv6 problems in data centre and enterprise networks Real world IPv6 attack vectors and exploitation of said problems An overview of mitigation techniques and their effectiveness Speculation about what the future holds for us in regards to IPv6 roll out from a security point of view Attendees will be provided with an insight of the risks associated with the roll out of the IPv6 protocol, enabling them to determine if auto configuration is indeed boon or bane. Furthermore, participants will also gain an in depth understanding on how to effectively mitigate against these threats.